By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

It could be a friendly introduction such as, “Hello, we met at XX Conference last week, I have a report I’d like you to review, I will send it over shortly,” said Aaron Higbee, co-founder and CTO of PhishMe.

“An hour or so later, the report arrives, just as promised,” Higbee said.

This tactic is aimed at improving the odds that even a fairly security-savvy employee would be tricked into opening the malicious attachment that could launch an information-stealing Trojan.

Similarly, attackers are even responding to potential phishing victims, as shown by the recent report by US security company Mandiant.

On 18 February 2013, the company published a report that identified a secretive branch of China's military based in Shanghai as one of the world's "most prolific cyber espionage groups".

The report described a tactic used by the group of responding to queries from potential phishing victims to create the illusion that the phishing email was trustworthy.

To counter this new type of attack, PhishMe has introduced the scenario to its product features that is particularly aimed at customers with mature training programmes.

“This is for a user base that is already resilient to basic phishing tactics,” said Higbee.

“Just as the “P” in APT stands for persistent, organisations need to be persistent in training their user base, and the new ‘double barrel’ feature will allow our customers to enhance their already successful programmes in a meaningful way that addresses a real world problem,” he said.

Double barrel scenarios can be customised to send the lure after the malicious email, stagger the delay between emails and flag one or both emails as urgent.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy